There’s been a spike in ransomware attacks targeting schools, colleges and universities, the UK’s National Cyber Security Centre (NCSC) has warned.
The alert by the cyber security arm of GCHQ says it has dealt with a significant increase in the number of ransomware attacks targeting education over the course of the last month, a time in which schools were preparing to resume in-person lessons.
Ransomware attacks encrypt servers and data, preventing organisations from providing services. In this case, cyber criminals are hoping that the need for schools and colleges to provide teaching will result in victim organisations giving into extortion demands and paying a ransom in bitcoin in exchange for the decryption key required to restore the network.
“In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing,” the agency said.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
It’s likely that the attempted targeting of sensitive information is an effort to engage in double-extortion ransomware attacks, where cyber criminals threaten to publish stolen data if they’re not paid the ransom.
“Any targeting of the education sector by cyber criminals is completely unacceptable,” said Paul Chichester, director of operations at the NCSC.
“This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted”.
Cybersecurity recommendations for schools, colleges and universities to protect their networks from ransomware attacks include having an effective strategy for vulnerability management and applying security patches, securing remote online services with multi-factor authentication and installing and enabling anti-virus software.
It’s also recommended that organisations have up-to-date and tested offline back-ups, so if the network is taken down by a ransomware attack, it can be restored without paying criminals.
“I urge all education and research institutions to act swiftly to ensure their systems and data are robustly protected,” said Steve Kennett, director of e-infrastructure at the higher education support body Jisc,
“Jisc has been helping many colleges and universities recover from ransomware attacks recently, so we have seen what a devastating impact this crime has on the sector”.
The NCSC previously put out a warning about ransomware attacks targeting universities in September, but this particular form of cyber crime shows no sign of slowing down.
MORE ON CYBERSECURITY